External Account Login & Developer Identity Linking for GitHub, GitLab and Self-Hosted Git Providers #42
Labels
No labels
bug
documentation
duplicate
enhancement
future idea
good first issue
help wanted
invalid
question
roadmap:phase-agents
roadmap:phase-backend
roadmap:phase-cli
roadmap:phase-docs
roadmap:phase-foundation
roadmap:phase-hardening
roadmap:phase-installer
roadmap:phase-plugins
roadmap:phase-runtime
roadmap:phase-store
roadmap:status-active
roadmap:status-blocked
roadmap:status-done
roadmap:status-planned
roadmap:v2-agent-orchestration
roadmap:v2-auth
roadmap:v2-chat-runtime
roadmap:v2-cli
roadmap:v2-dashboard
roadmap:v2-hardening
roadmap:v2-model-providers
roadmap:v2-plugins-store
roadmap:v2-realtime
wontfix
No milestone
No project
No assignees
1 participant
Notifications
Due date
No due date set.
Dependencies
No dependencies set.
Reference
FTMahringer/Synapse#42
Loading…
Add table
Add a link
Reference in a new issue
No description provided.
Delete branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Problem / Motivation
Synapse supports an admin user and can have multiple normal users. For plugin development, marketplace publishing, authorship and collaboration features, users should be able to connect or sign in with external developer accounts.
Important targets:
This would allow Synapse to use a verified developer identity when creating plugins, publishing plugins, showing authorship, assigning ownership, and simplifying developer workflows.
Proposed Solution
Add external login/account linking support using OAuth2/OIDC where possible.
Core functionality:
Possible supported providers:
Suggested Data Model
Secrets/tokens should not be stored directly on the entity. Store them through Synapse secret management and only reference them from the external account record.
Plugin Author Use Case
When a user creates a plugin, Synapse can automatically use the linked provider identity.
Example generated plugin metadata:
This improves:
Admin Configuration
Admins should be able to configure allowed external login providers.
Possible settings:
Security Requirements
Future Extensions
Priority
Medium / High
This becomes important before the plugin marketplace, plugin publishing workflow and developer ecosystem become public-facing.